ModSecurity is the world's most popular Web Application Firewall (WAF). A WAF is a system that analyzes HTTP requests against a set of rules to determine whether each request is malicious.
ModSecurity was originally created and developed by Ivan Ristić, a security expert who is also the founder of SSL Labs and a Technical Advisory Board Member of Let's Encrypt.
The fundamental idea behind ModSecurity is to inspect the content of a request, determine if the request appears to be malicious, and block the request if it is.
Because ModSecurity is only the engine, it requires rules to be useful. These rules are instructions about what to look for in requests and what to do if a request matches a rule.
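The fragment below shows how a rule pairs "what to look for" with "what to do", written in ModSecurity's `SecRule` directive syntax. It is an added illustration, not rules from the original page or from any published rule set; the rule ids, messages and match conditions are constructed for the example.

```apache
# Constructed example rules; ids 100001-100002 and the messages are placeholders.

# Engine mode: "DetectionOnly" logs matches without blocking,
# "On" enforces disruptive actions such as deny.
SecRuleEngine On

# Allow phase:2 rules to inspect POST bodies as well as query strings.
SecRequestBodyAccess On

# General form:  SecRule VARIABLES "OPERATOR" "ACTIONS"
#   VARIABLES + OPERATOR = what to look for in the request
#   ACTIONS              = what to do when the rule matches

# Rule 1 (two conditions joined with "chain"): a request for the WordPress
# login page that carries no User-Agent header is denied with a 403.
# "&" in front of a variable counts how many times it occurs.
SecRule REQUEST_FILENAME "@endsWith /wp-login.php" \
    "id:100001,phase:1,t:none,deny,status:403,log,\
    msg:'wp-login.php requested without a User-Agent header',chain"
    SecRule &REQUEST_HEADERS:User-Agent "@eq 0" "t:none"

# Rule 2: inspect every request parameter after URL-decoding it (t:urlDecodeUni),
# so an encoded form of the same sequence is matched too.
SecRule ARGS "@contains ../" \
    "id:100002,phase:2,t:none,t:urlDecodeUni,deny,status:403,log,\
    msg:'Directory traversal sequence in a request parameter'"
```

Running new rules with `SecRuleEngine DetectionOnly` first and reviewing the audit log shows which legitimate requests would have been blocked before enforcement is switched on.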
Maintaining ModSecurity for Apache or Nginx can be time-consuming, frustrating, and error-prone. As a result, some people may stop using ModSecurity altogether and leave their WordPress sites exposed to attacks.